CVE-2022-0787

Summary

The Limit Login Attempts (Spam Protection) WordPress plugin before 5.1 does not sanitise and escape some parameters before using them in SQL statements via AJAX actions (available to unauthenticated users), leading to SQL Injections

Affected Software

VendorProductVersion RangeStatus
UnknownLimit Login Attempts (Spam Protection)5.1 < 5.1affected

Weaknesses

  • CWE-89: CWE-89 SQL Injection

ADP Enrichment

CVE Program Container

Additional References

References